package com.xgsm.springsecurityauthdemo.expression;

import com.xgsm.springsecurityauthdemo.domain.UserLogin;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component;

import java.util.Collection;
import java.util.List;

@Component("ex")
public class LLSExpressionRoot{//    自定义权限校验方法
    public boolean hasAuthority(String authority){
//        1、获取当前登录人权限
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        UserLogin principal = (UserLogin)authentication.getPrincipal();
//        拿到权限信息
        List<String> permissions = principal.getPermissions();
        System.out.println("走到了自己的权限校验方法中....");
//        2、判断有没有接口上的权限字符
       return permissions.contains(authority);
    }
}
